Groups like Anonymous and LulzSec have constantly appeared in headlines, and the nation's most seemingly sturdy companies -- like Citigroup, Google and Lockheed Martin -- have all fallen victim to one attack or another.

There's no need to panic, especially if you're a small business (since larger entities are usually the targets), but it's imperative to take precaution. Symantec's 2010 threat report estimates that 75% of enterprises experienced some form of cyber attack during the year prior, and with all that important data you have stashed away, the consequences of a breach can be dire.

We consulted Roland Cloutier, Chief Security Officer for ADP and a board member for the National Cyber Security Alliance, and Matt Watchinski, Senior Director of the Vulnerability Research Team for cybersecurity provider Sourcefire, to find out the most important steps every small business should be taking to protect themselves from cybercrime.

See Also

Making sure your computer is "properly patched and updated" is a necessary step towards being fully protected; there's little point in installing all this great software if you're not going to maintain it right.

"Your security applications are only as good as their most recent update," Watchinski explains. "While applications are not 100 percent fool-proof, it is important to regularly update these tools to help keep your users safe."

Frequently updating your programs keeps you up-to-date on any recent issues or holes that programmers have fixed.

See Also

Because of their portable nature, laptops are at a higher risk of being lost or stolen than average company desktops. It's important to take some extra steps to make certain your sensitive data is protected.

See Also

Cloutier points out that smartphones hold so much data these days that you should consider them almost as valuable as company computers -- and they're much more easily lost or stolen. As such, securing them is another must.

The must-haves for mobile phones:

1. Encryption software

2. Password-protection (Cloutier also suggests enabling a specific "lock-out" period, wherein after a short amount of time not being used, the phone locks itself)

3. Remote wiping enabled

Remote wiping is "extremely effective," Cloutier says, recounting the story of one executive who lost his Blackberry in an airport, after he had been looking at the company's quarter financials. The exec called IT in a panic, and within 15 minutes they were able to completely wipe the phone.

Backup regularly

See Also

Scheduling regular backups to an external hard drive, or in the cloud, is a painless way to ensure that all your data is stored safely.

The general rule of thumb for backups: servers should have a complete backup weekly, and incremental backups every night; personal computers should also be backed up completely every week, but you can do incremental backups every few days if you like ("however long you could live without your data," Cloutier explains).

Getting your data compromised is a painful experience -- having it all backed up so you don't completely lose it will make it much less so.

Monitor diligently

See Also

"All this great technology... is no good unless you actually use it. You have to have someone be accountable for it," says Cloutier.

One good monitoring tool Cloutier suggests is data-leakage prevention software, which is set up at key network touchpoints to look for specific information coming out of your internal network. It can be configured to look for credit card numbers, pieces of code, or any bits of information relevant to your business that would indicate a breach.

If you don't monitor things, warns Cloutier, "it's a waste of time and a waste of resources." And you won't know that you've been compromised until it's far too late.

See Also

It's not uncommon for a unsuspecting employee to click on a link or download an attachment that they believe is harmless -- only to discover they've been infected with a nasty virus, or worse.

"Links are the numbers one way that malware ends up on computers," says Cloutier. "Links are bad!"

As such, never click on a link that you weren't expecting or you don't know the origination of in an email or IM.

You have to "be smart when surfing the Web," Watchinski warns. "[You] should take every “warning box” that appears on [your] screen seriously and understand that every new piece of software comes with its own set of security vulnerabilities."